According to the EFF SSL Observatory datasets, the following countries have
control of certificate authorities that are trusted by modern browsers. These
are the two-letter ISO country codes included in the CA certificate. The fact
that the certificate lists this country code is not a guarantee that the
private key is actually in that country, or that the CA could be compelled to
sign things by that country's government or laws, but it is highly indicative
of that situation.
['AE', 'AT', 'AU', 'BE', 'BG', 'BM', 'BR', 'CA', 'CH', 'CL', 'CN', 'CO', 'CZ',
'DE', 'DK', 'EE', 'ES', 'EU', 'FI', 'FR', 'GB', 'HK', 'HU', 'IE', 'IL', 'IN',
'IS', 'IT', 'JP', 'KR', 'LT', 'LV', 'MK', 'MO', 'MX', 'MY', 'NL', 'NO', 'PL',
'PT', 'RO', 'RU', 'SE', 'SG', 'SI', 'SK', 'TN', 'TR', 'TW', 'UK', 'US', 'UY',
'WW', 'ZA']